Cookies and Your Privacy: Past, Present and Future

Since the creation of the internet, “cookies” have been used to monitor the activities of consumers on the web, but what exactly is the need for cookies and how do they work?

Cookies were first introduced to the internet as a method for web pages to remember a visitor.

They were used to store things such as passwords, user names, or the contents of an online shopping cart after a browser leaves a certain page. So when a browser returned to a page, they would not have to re-enter their password or refill their shopping cart.

Through the use of cookies, the web page would remember their previous visit and it would be like they never left the page in the first place.

However, as the internet has continued to develop so have cookies. Now they are shared amongst linked web pages to help profile users and track their movements over the world wide web.

Background

Cookies are best described as a piece of text stored on a user’s computer by their web browser. When Lou Montulli, a well known web browser producer, first introduced cookies to the internet in 1994, they were originally intended to make the web browsing experience easier for the user by implementing a virtual shopping cart.

With the ability of a website to remember specific visitors through cookies, the site could store and remember what the visitor was shopping for. Even after leaving the site, the user could return and pick up right where they had left off, making the internet shopping experience much more user friendly.

As cookies progressed and developed further, they began to take on new tasks, such as remembering the user names and passwords of users, making signing into websites much easier.

However, as the general public became more aware of cookies throughout the late 1990’s, their downside began to surface. In 1996, cookies began to receive media attention due to their potential privacy issues.

If web sites can store information about specific users, what else are they capable of keeping tabs on? And furthermore, in what other ways is this information being used?

Strategic Planning Assumptions

-For personal use, people using the internet will have to decide what is more important to them, simplicity or privacy?

-In the near future, companies will undoubtedly make their employees use an internet browser that disables cookies. For a business, not protecting a customers personal information could lead to major legal problems. This possibility can be eliminated by disabling cookies.

-If restrictions to cookies become common place on the internet, the Internet Advertising Bureau will be forced to make major changes to the way they obtain information about internet users. This could potentially alter the entire structure of internet advertising as we know it today.

Analysis

Throughout the development and advancement of cookies they have continued to take on more tasks and responsibilities. Where they were originally intended to make the web browsing experience easier, many would now question their impact on privacy.

With the different types of cookies being used by web browsers on the internet today, an individual’s personal preferences are now not only being stored, but also being shared amongst different websites.

For example, third party cookies are now something that all internet users should be aware. Third party cookies have introduced the idea of behavioral targeting, by allowing different sites to share the stored information from cookies.

For instance, when users are researching Barrack Obama on one site, and then they visit another site and an ad pops up selling a Barrack Obama biography, they have been the victim of a third party cookie.

The easiest way to get rid of cookies and prevent behavioral targeting is to delete the cookies currently on your personal computer.

Cookies are essentially just a text file that is stored so deleting them is pretty simple. They do not have the same properties as viruses so they do not replicate themselves, however some new types of cookies do have the ability to fight against being deleted.

Flash cookies for instance, have the ability to spawn new cookies once deleted without the user ever knowing. Ultimately, the most effective way to minimize cookies on your personal computer is through the settings in your internet browser.

By selecting the option to “disable cookies completely,” a person can rid their personal computer of cookies. However, this also eliminates the positives of cookies, such as remembering user names and passwords.

Implications

-Enabling cookies makes surfing the web much easier and provides a more satisfying user experience. Cookies help to eliminate the process of repeatedly inputting information to websites that a user frequently visits.

-At the same time these cookies are monitoring the activities and interests of individual users. Also, personal information such as an address or phone number can be stored and shared through cookies.

-Restrictions on cookies have not gone unchallenged. The Internet Advertising Bureau, which generated ad spending of about $20.12 billion in 2010, contends that they would not survive with a prior consent rule set in place.

-Other websites such as facebook.com, google.com, and amazon.com contend that a prior consent rule would be costly and disruptive “to the detriment of website users.”

Key Findings

-Cookies are continuously being developed and altered to more effectively track the activities of individual internet users. Flash cookies make deleting cookies off your computer more difficult while third party cookies are shared amongst different advertising websites to more effectively appeal to a person’s interests.

-Currently cookies are a hot button issue. Most of the major web browsers such as Firefox and Internet Explorer are in the process of developing a regulated “do not track” tool.

-The European Union is also working on a mandate that would force web browsers to obtain consent before tracking users through cookies. This however is currently still in the court systems due to different countries interpreting the laws differently. The debate is over whether internet users should have to opt in (agree to cookies) or opt out (deny them.)

This will require you to repeatedly enter user names and passwords, but ultimately those extra few seconds are not as important as keeping your personal information private.

-Educate yourself with the current state of cookies. Currently the issue of cookies and internet privacy is up for debate amongst all of the major web browsers. By staying up to date you can ensure that you will not fall victim to the latest version of cookies.

-Know your web browser. Get familiar with its options and capabilities. Apple’s newest web browser, Lion, which will be released this summer will have a “do not track” privacy tool. Internet Explorer and Firefox on the other hand, are still implementing a similar option.

SOURCES

“Apple Adds Do Not Track Tool To New Browser.” Nick Wingfield. Wallstreetjournal.com. April 14, 2011

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.